dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
8
share rss forum feed

Lazlow

join:2006-08-07
Saint Louis, MO
reply to k1ll3rdr4g0n

Re: So....

It also occurred to me that the guy hooking the university's Ethernet cord into a lan port (instead of wan port) may not have been a mistake. Most universities have a ban on game servers and file sharing on their network. They usually monitor this by the IP they have assigned. Hooking a router in as you described would allow one to create a private lan, using a different subnet than the university. Since most routers allow you to set whatever mac you like and the router would not need a university assigned IP, it would be difficult to track down. One would set the router to filter for macs, allowing only those that one invited onto the private lan. Hopefully those macs would all be spoofed macs (keep the other members anonymous as well). While such a lan would not have any connection capability beyond the student side of the router(no internet access) many (most?) universities only have one router for the student body(on campus of course). This would mean that one could have a file sharing network with a lot of members, only limited by the number of IPs the router could support. As most universities use 100Mbps hardware (some even GigE) the network would be very fast. The only way to track down such a network is to physically track the signal back through all the switches one at a time( time consuming). Assuming the network was only run during after hours (outside of 7am-7pm) most IT departments probably would never discover the network, and even if they did they would not have the resources(or the motivation in most cases) to track it down.

k1ll3rdr4g0n

join:2005-03-19
Homer Glen, IL
said by Lazlow:

It also occurred to me that the guy hooking the university's Ethernet cord into a lan port (instead of wan port) may not have been a mistake. Most universities have a ban on game servers and file sharing on their network. They usually monitor this by the IP they have assigned. Hooking a router in as you described would allow one to create a private lan, using a different subnet than the university. Since most routers allow you to set whatever mac you like and the router would not need a university assigned IP, it would be difficult to track down. One would set the router to filter for macs, allowing only those that one invited onto the private lan. Hopefully those macs would all be spoofed macs (keep the other members anonymous as well). While such a lan would not have any connection capability beyond the student side of the router(no internet access) many (most?) universities only have one router for the student body(on campus of course). This would mean that one could have a file sharing network with a lot of members, only limited by the number of IPs the router could support. As most universities use 100Mbps hardware (some even GigE) the network would be very fast. The only way to track down such a network is to physically track the signal back through all the switches one at a time( time consuming). Assuming the network was only run during after hours (outside of 7am-7pm) most IT departments probably would never discover the network, and even if they did they would not have the resources(or the motivation in most cases) to track it down.
Have you ever used a managed switch?
Those things are POWERFUL, I couldn't tell you exactly how but I am sure that if you feed DHCP back into the network I am almost sure that using a Cisco managed switch you can find exactly what port the DHCP is coming out of. All without having to get out of your chair.

»itknowledgeexchange.techtarget.c ··· network/

Knowing that, it would be really stupid to hook it up like that because the networking team could see it right away.